FBI Warns US Companies about Iranian Hackers

Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, said the FBI. (Getty Images)
Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, said the FBI. (Getty Images)
TT
20

FBI Warns US Companies about Iranian Hackers

Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, said the FBI. (Getty Images)
Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, said the FBI. (Getty Images)

Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, the FBI said in an advisory sent to US companies obtained by CNN.

The Iranian hackers have taken an interest in dark-web forums, where scammers leak information on their victims such as stolen emails and network configurations, according to the November 8 advisory. The FBI is concerned that the Iranian hacking group could use that information to plot ways into US corporate networks in the future.

Organizations at risk are advised to take mitigation measures to block hacking attempts by securing Remote Desktop Protocol (RDP) servers, Web Application Firewalls, and Kentico CMS installations targeted by this adversary, said Bleeping Computer, a cybersecurity news outlet, which was the first to report on the FBI analysis.

"Among the Tactics, Techniques, and Procedures (TTPs) used in attacks by this threat actor since May 2021, the FBI mentions the use of auto-exploiter tools used to compromise WordPress sites to deploy web shells, breaching RDP servers and using them to maintain access to victims' networks."

It is unclear which Iranian hacking group is behind the activity. The FBI did not identify the hackers by name or say if they are linked to the Iranian government.

Adam Meyers, senior vice president of intelligence at security firm CrowdStrike, told CNN that Iranian government-linked hackers have increasingly dabbled in cybercriminal activity, such as ransomware, as a means of blurring the lines between state and non-state cyber operations.

"It is well within (Iranian groups') modus operandi to purchase access to networks held by a criminal group if it serves their interests," he added.

An unnamed Iranian hacking group used similar tools to steal voter registration data from state election sites between September and October 2020, Bleeping Computer.

"That voter info was later used to impersonate the far-right Proud Boys organization and send threatening emails to Democratic voters warning that they must vote for Trump or face the consequences."

"The FBI's Cyber Division also warned in a private industry notification issued last week that ransomware gangs have compromised the networks of several tribal-owned casinos, taking down their servers and disabling connected systems."

"The same week, the federal agency also alerted the public that criminals are increasingly using cryptocurrency ATMs and QR codes for fraud, making it harder for law enforcement to recover the victims' financial losses."



UN-backed Team Focusing on Human Rights in Palestinian Areas Announce Resignations

Chair of the Commission Navi Pillay delivers her statement of the report of the Independent International Commission of Inquiry on the Occupied Palestinian Territory, including East Jerusalem, and Israel, during the 56th session of the Human Rights Council, at the European headquarters of the United Nations in Geneva, Switzerland, Wednesday, June 19, 2024. (Martial Trezzini/Keystone via AP, File)
Chair of the Commission Navi Pillay delivers her statement of the report of the Independent International Commission of Inquiry on the Occupied Palestinian Territory, including East Jerusalem, and Israel, during the 56th session of the Human Rights Council, at the European headquarters of the United Nations in Geneva, Switzerland, Wednesday, June 19, 2024. (Martial Trezzini/Keystone via AP, File)
TT
20

UN-backed Team Focusing on Human Rights in Palestinian Areas Announce Resignations

Chair of the Commission Navi Pillay delivers her statement of the report of the Independent International Commission of Inquiry on the Occupied Palestinian Territory, including East Jerusalem, and Israel, during the 56th session of the Human Rights Council, at the European headquarters of the United Nations in Geneva, Switzerland, Wednesday, June 19, 2024. (Martial Trezzini/Keystone via AP, File)
Chair of the Commission Navi Pillay delivers her statement of the report of the Independent International Commission of Inquiry on the Occupied Palestinian Territory, including East Jerusalem, and Israel, during the 56th session of the Human Rights Council, at the European headquarters of the United Nations in Geneva, Switzerland, Wednesday, June 19, 2024. (Martial Trezzini/Keystone via AP, File)

A team of three independent experts working for the UN's top human rights body with a focus on Israel and Palestinian areas say they are resigning, citing personal reasons and a need for change, in the panel's first such group resignation.

The resignations, announced Monday by the UN-backed Human Rights Council that set up the team, come as violence continues in Palestinian areas with few signs of letup in the Israeli military campaign against Hamas and other militants behind the Oct. 7 attacks.

The Israeli government has repeatedly criticized the panel of experts, known as the Commission of Inquiry on the Occupied Palestinian Territory and Israel, and denied their repeated requests to travel to the region or otherwise cooperate with the team, The AP news reported.

Council spokesman Pascal Sim said the move marked the first joint resignations of Commission of Inquiry members since the council was founded in 2006. The team said in a statement that the resignations had “absolutely nothing to do with any external event or pressure," while also saying they provided a good opportunity to reconstitute the panel.

Navi Pillay, 83, a former UN human rights chief who has led the commission for the last four years, said in a letter to the council president that she was resigning effective Nov. 3 because of “age, medical issues and the weight of several other commitments.”

In an interview, Pillay rejected accusations from critics who accused her of antisemitism or turning a blind eye to the Hamas attacks. She recalled how she worked closely with some Jewish lawyers in the fight against apartheid in her native South Africa and was invited to Israel as the UN rights chief from 2008 to 2014.

"Name-calling is not affecting me in any way,” she said by phone. “We have striven to remain independent. That’s what we are. We’re an independent panel. We don’t take sides ... We look at the evidence and see the direction it’s taking us.”

“People who accuse us of being anti-Semitic ... they twist the facts, they invent facts, falsify facts. I would like to see them challenge the report: Which of the facts that we have set out are incorrect?” she said.

Her commission condemned the Oct. 7 attacks three days afterward in a news release that said at the time that reports "that armed groups from Gaza have gunned down hundreds of unarmed civilians are abhorrent and cannot be tolerated. Taking civilian hostages and using civilians as human shields are war crimes.”

She expressed regret that Israel didn't allow the commission access to Israel or Palestinian areas, saying "I feel that’s an injustice to Israeli Jews because we’re not taking on board their opinion or what they’re saying.”

Pillay said she had been recently diagnosed with low platelet count and her condition has restricted her ability to travel.

Her team said it wanted to give the rights council's president — currently Ambassador Jürg Lauber of Switzerland — the ability to pick new members.

Team member Chris Sidoti said Pillay's retirement marked “an appropriate time to re-constitute the commission.” The third member, Miloon Kothari, did not provide his reasons in a letter announcing his resignation effective 0ct. 31.

Neither the independent experts nor the council have any power over countries, but aim to spotlight rights abuses and collect information about suspected perpetrators that could be used by the International Criminal Court or other courts focusing on international justice.

The letters were sent to the council president last week but only became public Monday.

Last week, the US government announced sanctions against another independent expert mandated by the council, Francesca Albanese, who has also focused on Israel and the Palestinians. Albanese has accused Israel of genocide against the Palestinians, a claim Israel has denied.

Albanese said in an interview last week with The Associated Press that she was shocked by the US decision. She has not resigned.